def decorated_function(*args, **kwargs):
if not current_user.can(permisssion):
print "Can it?"
print current_user.can(permisssion)
abort(403)
print "probably can"
return f(*args, **kwargs)
def insert_contract():
form = ContractForm()
page = request.args.get('page', 1, type=int)
pagination = Contract.query.order_by(desc(Contract.timestamp)).outerjoin(Contract_Device).add_entity(Contract_Device).outerjoin(Contract_Device_Number)\
.add_entity(Contract_Device_Number).outerjoin(Device).add_entity(Device).outerjoin(Purchase).add_entity(Purchase)\
.paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],error_out=False)
contracts = pagination.items
if form.validate_on_submit() and current_user.can(Permission.CONTRACT):
contract = Contract(contract_number=form.contract_number.data,material_operator=form.material_operator.data,\
contract_date=form.contract_date.data,contract_value=form.contract_value.data,\
planned_arrival_date=form.planned_arrival_date.data)
if not Contract.query.filter_by(contract_number=form.contract_number.data).first():
db.session.add(contract)
db.session.commit()
else:
db.session.rollback()
flash("您可能输入了重复的合同编号或者非法字符,请重新刷新网页")
return redirect(url_for('.insert_contract'))
elif form.validate_on_submit() and not current_user.can(Permission.PURCHASE) :
flash('你没有权限写入合同')
return redirect(url_for('.insert_contract'))
return render_template('insert_contract.html', form=form, contracts=contracts,pagination=pagination)
def insert_contract_device(id):
form = ContractDeviceForm()
contract = Contract.query.filter_by(id=id).first() #已经添加的合同设备
if form.validate_on_submit() and current_user.can(Permission.CONTRACT_DEV):
device_quantity=int(form.device_quantity.data)
if device_quantity!=form.device_quantity.data:
flash('设备数量必须为整数')
return redirect(url_for('.insert_contract_subject',id=id))
contract_device = Contract_Device(contract_subject_matter=form.contract_subject_matter.data,model=form.model.data,supplier=form.supplier.data,\
unit_price=form.unit_price.data,device_quantity=form.device_quantity.data,\
settlement_amount=form.settlement_amount.data,\
remarks_contract_device=form.remarks_contract_device.data,\
contract_device=contract) #将表单信息插入devices表
db.session.add(contract_device)
db.session.commit()
#功能为提交一次合同设备内容,则根据设备数量n提交n个合同设备细项
for i in range(device_quantity):
contract_device_number=Contract_Device_Number(serial_number=i+1, contract_device_number=contract_device)
db.session.add(contract_device_number)
db.session.commit()
return redirect(url_for('.insert_contract_device',id=id))
elif form.validate_on_submit() and not current_user.can(Permission.CONTRACT_DEV) :
flash('你没有权限写入合同设备')
return redirect(url_for('.insert_contract_device',id=id))
contract_devices = Contract_Device.query.filter_by(contract_id=id).order_by(Contract_Device.timestamp.desc()).all() #.filter_by(XXX)
return render_template('insert_contract_device.html', form=form, contract=contract,contract_devices=contract_devices)
def question(id):
"""show the questions"""
answerForm = AnswerForm()
commentForm = CommentForm()
question = Question.query.filter_by(id=id).first_or_404()
answer_id = request.args.get('answer_id', -1, type=int)
comments = Comment.query.filter_by(answer_id=answer_id).order_by(Comment.timestamp.desc())
answer= Answer.query.filter_by(id=answer_id)
if current_user.can(Permission.WRITE_ARTICLES) and \
answerForm.validate_on_submit():
answer = Answer(answer=answerForm.body.data,
author=current_user._get_current_object(),
authorname=current_user.username,
question=question )
db.session.add(answer)
return redirect(url_for('.question', id=id))
if current_user.can(Permission.WRITE_ARTICLES) and \
commentForm.validate_on_submit():
comment = Comment(comment=commentForm.body.data,
author=current_user._get_current_object(),
authorname=current_user.username,
answer=answer)
db.session.add(answer)
return redirect(url_for('.question', id=id))
answers = Answer.query.filter_by(question_id=question.id).order_by(Answer.timestamp.desc())
asker = User.query.filter_by(id=question.author_id).first()
return render_template("question.html", question=question, asker=asker,
answerForm=answerForm, answers=answers, comments=comments,
commentForm=commentForm, answer_id=answer_id)
def read_article(slug):
article = Article.query.filter_by(slug=slug).first_or_404()
# get the latest article
# we have to account for article.ids that have been deleted
# we have gaps between some ids
index = 1
next_article = Article.query.filter_by(id=article.id + index).first()
while next_article is None:
index = index + 1
next_article = Article.query.filter_by(id=article.id + index).first()
if next_article is not None:
break
else:
next_article = Article.query.filter_by(id=article.id - index).first()
# get related articles
article_category = Category.query.filter_by(id=article.category_id).first()
related_articles = article_category.posts.order_by(Article.post_date.desc()).limit(3)
# comment shit
comment_form = CommentForm(prefix='comment')
if comment_form.validate_on_submit() and comment_form.submit.data:
if current_user.can(Permission.COMMENT):
comment = Comment(
body=comment_form.body.data,
author=current_user._get_current_object(),
article=article
)
db.session.add(comment)
flash('Your comment has been posted!')
return redirect(url_for('articles.read_article', slug=article.slug))
# elif comment_form.email.data:
# flash('an email was entered')
else:
flash('please login to comment')
comments = article.comments.filter_by(reply_to=None).order_by(Comment.timestamp.desc()).limit(20)
reply_form = ReplyForm(prefix='reply')
if reply_form.validate_on_submit() and reply_form.submit.data:
if current_user.can(Permission.COMMENT):
og_comment = Comment.query.filter_by(id=reply_form.comment_id.data).first()
reply = Comment(
body=reply_form.body.data,
author=current_user._get_current_object(),
article=article,
reply_to=og_comment
)
db.session.add(reply)
flash('hey you posted a reply!')
return redirect(url_for('articles.read_article', slug=article.slug))
else:
flash('you must login in order to reply')
return render_template('articles/view.html', article=article,
next_article=next_article, related_articles=related_articles,
comment_form=comment_form, comments=comments,
reply_form=reply_form)
def moderate_delete(id):
comment = Comment.query.get_or_404(id)
if( not current_user.can(Permission.MODERATE_COMMENTS) ) and( current_user.id != comment.author_id ) and (current_user.id != Post.query.filter_by(id = comment.post_id).first().author_id):
abort(403)
else:
db.session.delete(comment)
db.session.commit()
if ( current_user.can(Permission.MODERATE_COMMENTS)):
return redirect(url_for('main.moderate', page= request.args.get('page',1,type=int)))
else:
return redirect(url_for('main.post',id = comment.post_id))
def index():
form = PostForm()
page = request.args.get("page", 1, type=int)
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for(".index"))
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get("show_followed", ""))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config["FLASKY_POSTS_PER_PAGE"],
error_out=False)
posts = pagination.items
return render_template("index.html",
form=form,
posts=posts,
show_followed=show_followed,
pagination=pagination)
def upload_head(username):
# get head_img_name by ajax
head_img_name = request.args.get('head_img_name', '', type=str)
# get user who is going to change his head_portrait
user = User.query.filter_by(username=username).first()
# user is None
if user is None:
flash(u'该用户不存在')
return redirect(url_for('main.user_list'))
# if you are not admin or self, can't change it
if current_user != user and not current_user.can(Permission.ADMINISTER):
flash(u'你没有权限修改他人的头像信息')
return redirect('main.user', username=user.username)
# upload image and get status
img_src, status = upload_image('head', head_img_name)
if status:
# uploaded success
tag = u'头像上传成功'
# update to db
user.head_portrait = img_src
db.session.add(user)
else:
# uploaded failed
tag = u'头像上传失败'
flash(tag)
return jsonify(result=json.dumps({'id':1, }, encoding='utf-8'))
def index():
show_followed = False
form = PostForm()
page_count = PageCount.query.get_or_404(1)
if page_count.count is None:
page_count.count = 1
else:
page_count.count = int(page_count.count) + 1
flash("Site has experienced a breakdown, inconvenience is regretted! ")
if current_user.can(
Permission.WRITE_ARTICLE) and form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('main.index'))
# posts = Post.query.order_by(Post.timestamp.desc()).all()
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
page = request.args.get('page', 1, type=int)
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POST_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html',
posts=posts,
form=form,
pagination=pagination,
show_followed=show_followed,
count=page_count.count)
def edit_report(id):
task = ''
if str(id).count('_') == 2:
lab_id, st_id, task = str(id).split('_')
lab_id = int(lab_id)
st_id = int(st_id)
else:
lab_id, st_id, _, __ = [int(i) for i in str(id).split('_')]
if not current_user.can(Permission.ADMIN):
if not lab_id in current_user.list_of_labs_to_check():
return render_template('403.html')
form = EditReportForm()
student = get_student_name(current_app.config['DB'], st_id)
report_fname, report = return_report_content(current_app.config['DB'],
st_id, lab_id, task,
current_app.config)
form.report.data = report
if form.validate_on_submit():
with open(report_fname, 'w') as report_f:
report_f.write(request.form['report'])
return redirect(
url_for('main.report', id=str(lab_id) + '_' + str(st_id)))
return render_template('edit_report.html',
lab=lab_id,
task=task,
student=student,
st_id=st_id,
report=report,
form=form)
def index():
nav = {}
# add admin tasks
if current_user.can(Permission.ADMINISTRATOR):
nav['users'] = _("Users")
return render_template('window.html', mainnav=nav.items())
def edit(id):
post = Post.query.get_or_404(id)
if current_user != post.author and not current_user.can(Permission.ADMINISTER):
abort(403)
form = EditForm()
if form.data['submit']:
post.title = form.title.data
post.summary = form.summary.data
post.body = form.body.data
db.session.add(post)
flash('The post has been updated.')
return redirect(url_for('.post', id=post.id))
if form.data['delete']:
db.session.delete(post)
flash('The post has been updated.')
return redirect(url_for('.index'))
#return render_template('edit_post.html', form=form,delete_form=delete_form)
if form.data['cancel']:
return redirect(url_for('.index'))
form.title.data = post.title
form.summary.data = post.summary
form.body.data = post.body
return render_template('edit_post.html', form=form)
def decorated_function(bug_id):
bugs = Bugs.get_by_bug_id(bug_id)
if not (current_user == bugs.author and \
bugs.status_equal(Bug_Now_Status.CREATED)) and \
not current_user.can(Permission.ADMINISTER):
abort(403)
return f(bug_id)
def moderate_delete(id):
comment = Comment.query.get_or_404(id)
if (not current_user.can(Permission.MODERATE_COMMENTS)) and (
current_user.id != comment.author_id) and (
current_user.id !=
Post.query.filter_by(id=comment.post_id).first().author_id):
abort(403)
else:
db.session.delete(comment)
db.session.commit()
if (current_user.can(Permission.MODERATE_COMMENTS)):
return redirect(
url_for('main.moderate',
page=request.args.get('page', 1, type=int)))
else:
return redirect(url_for('main.post', id=comment.post_id))
def edit(id):
post = Post.query.get_or_404(id)
if post.category_id:
category = Category.query.get_or_404(post.category_id)
if current_user != post.author and not current_user.can(Permission.ADMINISTER):
abort(403)
# 这里使用 的 PostForm 表单类和首页中使用的是同一个。
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.intro = form.intro.data
post.body = form.body.data
if form.category_name.data:
category_name_exists = Category.query.filter_by(category_name=form.category_name.data).first()
if not category_name_exists:
category = Category(category_name=form.category_name.data)
db.session.add(category)
db.session.commit()
post.category_id = category.id
else:
post.category_id = category_name_exists.id
db.session.add(post)
db.session.commit()
flash('文章已提交 (。・`ω´・)')
return redirect(url_for('.post', id=post.id))
form.title.data = post.title
form.intro.data = post.intro
form.body.data = post.body
if post.category_id:
category = Category.query.filter_by(id=post.category.id).first()
form.category_name.data = category.category_name
return render_template('edit_post.html', form=form)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body = form.body.data,
author = current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type = int)
#requset.args为请求的查询字符串
#get()中有三个参数,key, default, type
#如果没有指定page,默认为1,type = init为了确保若参数无法转换为整数,返回默认值
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page = current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out = False)
#Post.timestamp.desc()为按时间戳降序排列
#paginate()方法接受三个参数,起始页,每一页的数目,错误标志,True为404,False为空列表
posts = pagination.items
#迭代器,index.html中要用到
return render_template('index.html', form = form, posts = posts,
show_followed = show_followed, pagination = pagination)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,location=form.location.data,name=form.name.data,
author=current_user._get_current_object())
db.session.add(post)
f = request.files['avatar']
fname = secure_filename(f.filename)
if fname != '':
UPLOAD_FOLDER = '\\app\\static\\avatar\\'
f.save(os.getcwd() + UPLOAD_FOLDER + post.name + "_" + fname)
post.real_avatar = post.name + "_" + fname
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html', form=form, posts=posts,
show_followed=show_followed, pagination=pagination)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
# set show_followed as False first, then get show_followed from cookies
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
# what's followed_posts? the property?
# if yes, show followed post, else show all posts
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['BLOG_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html',
form=form,
posts=posts,
pagination=pagination,
show_followed=show_followed)
def edit_post(id):
post = Post.query.get_or_404(id)
if current_user != post.author and \
not current_user.can(Permission.ADMINISTER):
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.body = form.body.data
post.category = Category.query.get(form.category.data)
if form.tags.data:
for tag in post.tags.all():
post.tags.remove(tag)
for tag in form.tags.data:
post.tags.append(tag)
else:
form.tags.data = post.tags.all()
db.session.add(post)
db.session.commit()
flash(u'文章已更新。')
return redirect(url_for('.post', id=post.id))
form.title.data = post.title
form.body.data = post.body
form.tags.data = post.tags.all()
form.category.data = post.category_id
return render_template('add_post.html', form=form, title=u'编辑文章')
def _question():
form = request.form.get("postform")
if current_user.can(Permission.WRITE_ARTICLES):
post = Post(body=form, author=current_user._get_current_object())
db.session.add(post)
db.session.commit()
return redirect(url_for('.index'))
def _add_comment():
"""ajax add comment HTML
"""
per_page = current_app.config['FLASKY_ANSWERS_PER_PAGE']
id = request.args.get('answer_id')
answer = Answer.query.get_or_404(id)
comment = request.args.get('comment')
answers = Answer.query.get_or_404(id)
page = 1
result = False
if current_user.can(Permission.COMMENT):
comment = Comment(body=comment,
author=current_user._get_current_object(),
answer_id=id)
db.session.add(comment)
db.session.commit()
page = (answer.comments.count() - 1) / per_page + 1
result = True
pagination = Comment.query.order_by(
Comment.timestamp).filter_by(answer_id=id).paginate(page,
per_page=per_page,
error_out=False)
macro_comment = get_template_attribute("_comments.html", "render_comments")
macro_page = get_template_attribute("_page.html", "render_page")
comments = pagination.items
return jsonify({
'result':
result,
'comment_html':
macro_comment(comments),
'page_html':
macro_page(pagination),
'comments_timestamp': [comment.timestamp for comment in comments],
'comments_id': [comment.id for comment in comments]
})
def edit_post(id):
post = Post.query.get_or_404(id)
if current_user != post.author and \
not current_user.can(Permission.ADMINISTER):
abort(403)
form = PostForm()
if form.validate_on_submit():
post.title = form.title.data
post.body = form.body.data
post.category = Category.query.get(form.category.data)
if form.tags.data:
for tag in post.tags.all():
post.tags.remove(tag)
for tag in form.tags.data:
post.tags.append(tag)
else:
form.tags.data = post.tags.all()
db.session.add(post)
db.session.commit()
flash(u'文章已更新。')
return redirect(url_for('.post', id=post.id))
form.title.data = post.title
form.body.data = post.body
form.tags.data = post.tags.all()
form.category.data = post.category_id
return render_template('add_post.html', form=form, title=u'编辑文章')
def edit(user_id):
if current_user.id == user_id or current_user.can(
Permission.UPDATE_OTHERS_INFORMATION):
the_user = User.query.get_or_404(user_id)
form = EditProfileForm()
if form.validate_on_submit():
the_user.name = form.name.data
the_user.major = form.major.data
the_user.headline = form.headline.data
the_user.about_me = form.about_me.data
db.session.add(the_user)
db.session.commit()
flash(u'Information updatad', "info")
return redirect(url_for('user.detail', user_id=user_id))
form.name.data = the_user.name
form.major.data = the_user.major
form.headline.data = the_user.headline
form.about_me.data = the_user.about_me
return render_template('user_edit.html',
form=form,
user=the_user,
title=u"Edit information")
else:
abort(403)
def post(id):
post = Post.query.get_or_404(id)
form = CommentForm()
if form.validate_on_submit():
comment = Comment(body=form.body.data,
post=post,
author=current_user._get_current_object())
db.session.add(comment)
db.session.commit()
flash('Your comment has been published.')
return redirect(url_for('main.post', id=post.id) + '#comments')
page = request.args.get('page', 1, type=int)
if page == -1:
page = (post.comments.count() -
1) / current_app.config['FLASKY_COMMENTS_PER_PAGE'] + 1
pagination = post.comments.order_by(Comment.timestamp.asc()).paginate(
page,
per_page=current_app.config['FLASKY_COMMENTS_PER_PAGE'],
error_out=False)
comments = pagination.items
if current_user.is_anonymous:
moderate = False
else:
if current_user.id == post.author_id or current_user.can(
Permission.MODERATE_COMMENTS):
moderate = True
else:
moderate = False
return render_template('main/articles.html',
posts=[post],
form=form,
comments=comments,
pagination=pagination,
moderate_set=moderate)
def delete_post_confirm(id):
post = Post.query.get_or_404(id)
if current_user != post.author and not current_user.can(Permission.ADMINISTER):
abort(403)
db.session.delete(post)
db.session.commit()
return redirect(url_for('main.index'))
def search():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
# search key values
search_data = g.search_form.search.data
if not search_data:
search_data = request.args.get('search')
if search_data:
query = query.filter(Post.body.like('%{0}%'.format(search_data.encode('utf-8'))))
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html', form=form, search_form=g.search_form, search_data=search_data, posts=posts,
show_followed=show_followed, pagination=pagination)
def index():
form = PostForm()
user = User()
message = Message()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,head=form.head.data,
author=current_user._get_current_object()) #内容、标题、作者
db.session.add(post)
flash("博客已发布")
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items[:] #分页显示
return render_template('index.html', form=form, posts=posts,user=current_user,message=message,
show_followed=show_followed, pagination=pagination,current_time=datetime.utcnow())
def unanswer():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
print query.filter(Post.comments).count()
print type(Post.comments)
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
# list topic
topic_query = Topic.query.filter(Topic.id == TopicMapping.topic_id)
topic_pagination = topic_query.order_by(Topic.add_time.asc()).paginate(
1, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'] * 5,
error_out=False)
topics = topic_pagination.items
return render_template('unanswer.html', form=form, search_form=g.search_form, posts=posts, topics=topics,
show_followed=show_followed, pagination=pagination)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index')) # redirs within blueprint can use this form, across needs 'bpname.index'
page = request.args.get('page',1, type=int) # request's query string is available as request.args. When explicit
# page isn't given, default=1. type=int ensures will be int.
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed','')) # choice of showing all or none stored in cookie
# called show_followed. When set to nonempty string means only followed posts should be shown.
# Cookies are stored in request obj as a request.cookies dict.
# String val of cookie converted to Boolean
if show_followed:
query = current_user.followed_posts # uses user's followed posts property.
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False) # paginate obj takes page num
# as first required arg, then optional per_page defaults to 20 or whatever is config'd. Error_out: True issues 404
# if a page outside valid range requested, error_out:Flase returns empty list. looks like ?page=2.
#posts = Post.query.order_by(Post.timestamp.desc()).all() # loads all posts
posts = pagination.items
return render_template('index.html',
form=form,
pagination=pagination,
posts = posts,
current_time = datetime.utcnow(),
show_followed=show_followed)
def index():
form = QuestionForm()
if current_user.can(Permission.ASK) and form.validate_on_submit():
question = Question(body=form.body.data, detail=form.detail.data, author=current_user._get_current_object())
db.session.add(question)
db.session.flush()
question_activity = Activity(
verb="asked", object=question, actor_id=current_user.id, timestamp=question.timestamp
)
db.session.add(question_activity)
return redirect(url_for(".index"))
page = request.args.get("page", 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get("show_followed", ""))
if show_followed:
query = current_user.followed_activities
else:
query = Activity.query
pagination = query.order_by(Activity.timestamp.desc()).paginate(
page, per_page=current_app.config["FLASKQ_ACTIVITIES_PER_PAGE"], error_out=False
)
activities = pagination.items
comment_form = CommentForm()
return render_template(
"index.html",
form=form,
activities=activities,
show_followed=show_followed,
pagination=pagination,
comment_form=comment_form,
)
def index():
from utils import cheese
cheese()
form = PostForm()
if current_user.can(
Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(body=form.body.data, author_id=current_user.id)
#post.on_changed_body()
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html',
form=form,
posts=posts,
show_followed=show_followed,
pagination=pagination)
def index():
form = PostForm()
user = User()
message = Message()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
head=form.head.data,
author=current_user._get_current_object()) #内容、标题、作者
db.session.add(post)
flash("博客已发布")
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items[:] #分页显示
return render_template('index.html',
form=form,
posts=posts,
user=current_user,
message=message,
show_followed=show_followed,
pagination=pagination,
current_time=datetime.utcnow())
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
#requset.args为请求的查询字符串
#get()中有三个参数,key, default, type
#如果没有指定page,默认为1,type = init为了确保若参数无法转换为整数,返回默认值
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
#Post.timestamp.desc()为按时间戳降序排列
#paginate()方法接受三个参数,起始页,每一页的数目,错误标志,True为404,False为空列表
posts = pagination.items
#迭代器,index.html中要用到
return render_template('index.html',
form=form,
posts=posts,
show_followed=show_followed,
pagination=pagination)
def write_post():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(title=form.title.data, body=form.body.data,author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('main.index', posts=[post]))
return render_template('write_post.html', form=form)
def tags():
search_tags = request.args.get('search', None)
page = request.args.get('page', 1, type=int)
the_tags = Tag.query.outerjoin(book_tag).group_by(
book_tag.c.tag_id).order_by(db.func.count(
book_tag.c.book_id).desc()).limit(30).all()
search_form = SearchForm()
search_form.search.data = search_tags
data = None
pagination = None
if search_tags:
tags_list = [
s.strip() for s in search_tags.split(',') if len(s.strip()) > 0
]
if len(tags_list) > 0:
the_books = Book.query
if not current_user.can(Permission.UPDATE_BOOK_INFORMATION):
the_books = Book.query.filter_by(hidden=0)
the_books = the_books.filter(
db.and_(*[
Book.tags.any(Tag.name.ilike(word)) for word in tags_list
])).outerjoin(Log).group_by(Book.id).order_by(
db.func.count(Log.id).desc())
pagination = the_books.paginate(page, per_page=8)
data = pagination.items
return render_template('book_tag.html',
tags=the_tags,
title='Tags',
search_form=search_form,
books=data,
pagination=pagination)
def index():
form = QuestionForm()
if current_user.can(Permission.ASK) and \
form.validate_on_submit():
question = Question(body=form.body.data,
detail=form.detail.data,
author=current_user._get_current_object())
db.session.add(question)
db.session.flush()
question_activity = Activity(verb='asked', object=question,
actor_id=current_user.id,
timestamp=question.timestamp)
db.session.add(question_activity)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_activities
else:
query = Activity.query
pagination = query.order_by(Activity.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKQ_ACTIVITIES_PER_PAGE'],
error_out=False)
activities = pagination.items
comment_form = CommentForm()
return render_template('index.html', form=form, activities=activities,
show_followed=show_followed, pagination=pagination,
comment_form=comment_form)
def index():
search_word = request.args.get('search', None)
search_form = SearchForm()
page = request.args.get('page', 1, type=int)
the_books = Book.query
if not current_user.can(Permission.UPDATE_BOOK_INFORMATION):
the_books = Book.query.filter_by(hidden=0)
if search_word:
search_word = search_word.strip()
the_books = the_books.filter(
db.or_(Book.title.ilike(u"%%%s%%" % search_word),
Book.author.ilike(u"%%%s%%" % search_word),
Book.isbn.ilike(u"%%%s%%" % search_word),
Book.tags.any(Tag.name.ilike(u"%%%s%%" % search_word)),
Book.subtitle.ilike(
u"%%%s%%" % search_word))).outerjoin(Log).group_by(
Book.id).order_by(db.func.count(Log.id).desc())
search_form.search.data = search_word
else:
the_books = Book.query.order_by(Book.id.desc())
pagination = the_books.paginate(page, per_page=8)
result_books = pagination.items
return render_template("book.html",
books=result_books,
pagination=pagination,
search_form=search_form,
title=u"书籍清单")
def show_quiz(id):
form = None
quiz = Quiz.query.get_or_404(id)
if current_user.can(Permission.MANAGE_QUIZ):
is_moderator = True
form = CreateTaskForm()
return render_template("quiz.html", quiz=quiz, is_moderator=is_moderator, form=form)
def index():
form = QuestionForm()
if current_user.can(Permission.WRITE_QUESTIONS) and form.validate_on_submit():
question = Question(body=form.body.data, content=form.content.data,
author=current_user._get_current_object())
db.session.add(question)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = 0
session['act'] = u'提出'
if current_user.is_authenticated:
show_followed = int(request.cookies.get('show_followed', '0'))
if show_followed == 1:
query = current_user.followed_questions
elif show_followed == 2:
query = current_user.followed_replys
session['act'] = u'回答'
pagination = query.order_by(Reply.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_REPLYS_PER_PAGE'],
error_out=False)
replys = pagination.items
return render_template('index.html', form=form, replys=replys,
show_followed=show_followed, pagination=pagination, act=session.get('act'))
else:
query = Question.query
pagination = query.order_by(Question.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_QUESTIONS_PER_PAGE'],
error_out=False)
questions = pagination.items
return render_template('index.html', form=form, questions=questions,
show_followed=show_followed, pagination=pagination, act=session.get('act'))
def question(id):
"""
Shows question description etc, and maybe also creator info.
Also has answer question form
Todo: Delete button. Should it be a simple button with a POST and refresh, or should it be a form?
:param id:
:return:
"""
form = CreateAnswerForm()
question = Question.query.get_or_404(id) # get gets things based on primary key, otherwise use .filter_by
if form.validate_on_submit() and current_user.can(Permission.CREATE):
# Add answer
answer = Answer(author=current_user._get_current_object(), question=question, content=form.answer.data)
db.session.add(answer)
db.session.commit()
return redirect(url_for('main.question', id=id))
elif form.validate_on_submit() and current_app.has_answered(id=id):
# just in case
flash("Sorry, you can't answer a question more than once")
return redirect(url_for('main.question', id=id))
elif not question.visible and not current_user.is_administrator():
# just in case
flash("That page isn't ready for the public yet, sorry!")
return redirect(url_for("main.index"))
else:
creator = User.query.filter_by(id=question.creator_id).first()
if question.solved:
accepted = Answer.query.get_or_404(question.accepted_id)
else:
accepted = None
# some way to find if a user has already answered the question
return render_template("question.html", creator=creator, id=id, form=form, Permission=Permission,
question=question, a=accepted)
def wrapper(*args, **kwargs): if not current_user.can(permission): abort(403) ''' 要return,否则会出现View function did not return a response错误 ''' return func(*args, **kwargs)
def new():
form = PostForm()
if not current_user.can(Permission.WRITE_ARTICLES):
abort(403)
if form.validate_on_submit():
post = Post(body=form.body.data,
title=form.title.data,
viewed_count=0,
author=current_user._get_current_object(),
tags_txt=form.tags.data)
db.session.add(post)
tags = form.tags.data.split(';')
for tag in tags:
ttag = Tag.query.filter_by(content=tag).first()
if ttag is not None:
ttag.refer_count = ttag.refer_count + 1
else:
ttag = Tag(content=tag, refer_count=1)
post_tag = PostTag(post=post, tag=ttag)
db.session.add(ttag)
db.session.add(post_tag)
flash(messages.post_create_ok)
db.session.commit()
return redirect(url_for('main.index', shows='home'))
if None == form.body.data:
form.body.data = '# 标题\n\n内容'
if None == form.title.data:
form.title.data = '输入博文名字'
if None == form.tags.data:
form.tags.data = '标签通过;隔开。'
return render_template('edit.html', form=form)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
##
db.session.commit()
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))#?????????????
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html', form=form, posts=posts,
show_followed=show_followed, pagination=pagination)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and \
form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object()
) #这里要用真正的用户对象因此调用_get_current_object()方法
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get(
'page', 1, type=int) #这里得到的是一个int型,也就是一个数字,默认1,1代表这个路由渲染第一页,当然也可以改成其他页
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False) #传入渲染的页数和每页的纪录数
#可选参数为 error_ out,当其设为 True 时(默认值),如果请求的页数超出了范围,则会返回 404 错误;如果 设为 False,页数超出范围时会返回一个空列表。
posts = pagination.items
return render_template('index.html',
form=form,
posts=posts,
show_followed=show_followed,
pagination=pagination)
def post_article():
if not current_user.can(Permission.WRITE_ARTICLES):
abort(403)
form = PostForm()
if form.validate_on_submit():
#filter cover img
coverFile = request.files['cover']
if coverFile and allowed_file(coverFile.filename):
filename = secure_filename(coverFile.filename)
coverFile.save(os.path.join(UPLOAD_FOLDER, filename))
cover = url_for('static', filename="upload/" + filename)
else:
body = form.editor1.data
cover = re.findall(r"<img.+src=[\"|\']([^=]+)[\"|\'] *.*>", body)
if len(cover) == 0:
abort(403)
else:
cover = cover[0]
post = Post(title=form.title.data,
abstract=form.abstract.data,
cover=cover,
body=form.editor1.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('main.index'))
return render_template('post_article.html', form=form)
def index():
form = PostForm()
if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(body=form.body.data, author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
# Выбор между отображением всех сообщений или только пренадлежащих
# зарегистрированным пользователям. Берется из кук
# per_page - число элементов на странице
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
# pagination = query.order_by(
# Post.timestamp.desc()
# ).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
pagination = query.order_by(
Post.timestamp.desc()
).paginate(page, per_page=20, error_out=False)
posts = pagination.items
return render_template(
'index.html', form=form, posts=posts, show_followed=show_followed, pagination=pagination
)
def index():
#return render_template('index.html')
form = PostForm()
if current_user.can(
Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(body=form.body.data,
author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
page = request.args.get('page', 1, type=int)
show_followed = False
if current_user.is_authenticated:
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config.get('FLASK_POSTS_PER_PAGE', 10),
error_out=False)
#posts = Post.query.order_by(Post.timestamp.desc()).all()
posts = pagination.items
return render_template('index.html',
form=form,
posts=posts,
Permission=Permission,
pagination=pagination,
show_followed=show_followed)
def new():
form = PostForm()
if not current_user.can(Permission.WRITE_ARTICLES):
abort(403)
if form.validate_on_submit():
post = Post(body=form.body.data, title=form.title.data, viewed_count=0, author=current_user._get_current_object(), tags_txt=form.tags.data)
db.session.add(post)
tags = form.tags.data.split(';')
for tag in tags:
ttag = Tag.query.filter_by(content=tag).first()
if ttag is not None:
ttag.refer_count = ttag.refer_count + 1
else:
ttag = Tag(content=tag, refer_count=1)
post_tag = PostTag(post=post, tag=ttag)
db.session.add(ttag)
db.session.add(post_tag)
flash(messages.post_create_ok)
db.session.commit()
return redirect(url_for('main.index', shows='home'))
if None == form.body.data:
form.body.data = '# 标题\n\n内容'
if None == form.title.data:
form.title.data = '输入博文名字'
if None == form.tags.data:
form.tags.data = '标签通过;隔开。'
return render_template('edit.html', form=form)
def index():
form = PostForm()
#检查当前用户是否有写文章的权限
if current_user.can(Permission.WRITE_ARTICLES) and form.validate_on_submit():
post = Post(body=form.body.data, author=current_user._get_current_object())
db.session.add(post)
return redirect(url_for('.index'))
#posts = Post.query.order_by(Post.timestamp.desc()).all() #按时间戳进行降序排序(大到小排序)
#return render_template('index.html', form=form, posts=posts)
#分页(默认20条记录 paginate()方法 配置文件FLASKY_POSTS_PER_PAGE = 20 )
page = request.args.get('page', 1, type=int)
# 显示所有博客文章 或 只显示所关注用户的博客文章
show_followed = False #默认显示所有文章
#如果cookie的show_followed字段中有值,则显示所关注用户的文章
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts #限制只显示所关注用户的文章
else:
query = Post.query #显示所有文章
#pagination = Post.query.order_by(Post.timestamp.desc()).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
pagination = query.order_by(Post.timestamp.desc()).paginate(page, per_page=current_app.config['FLASKY_POSTS_PER_PAGE'], error_out=False)
posts = pagination.items
#return render_template('index.html', form=form, posts=posts, pagination=pagination)
return render_template('index.html', form=form, posts=posts, show_followed=show_followed, pagination=pagination)
def _add_comment():
"""ajax add comment HTML
"""
per_page = current_app.config['FLASKY_ANSWERS_PER_PAGE']
id = request.args.get('answer_id')
answer = Answer.query.get_or_404(id)
comment =request.args.get('comment')
answers = Answer.query.get_or_404(id)
page = 1
result= False
if current_user.can(Permission.COMMENT):
comment = Comment(body=comment,
author=current_user._get_current_object(),
answer_id=id)
db.session.add(comment)
db.session.commit()
page = (answer.comments.count()-1)/per_page + 1
result=True
pagination = Comment.query.order_by(Comment.timestamp).filter_by(answer_id=id).paginate(
page,per_page=per_page,error_out=False
)
macro_comment = get_template_attribute("_comments.html", "render_comments")
macro_page = get_template_attribute("_page.html", "render_page")
comments = pagination.items
return jsonify({'result': result,
'comment_html': macro_comment(comments),
'page_html': macro_page(pagination),
'comments_timestamp': [comment.timestamp for comment in comments],
'comments_id': [comment.id for comment in comments]
})
def post(id):
post = Post.query.get_or_404(id)
post.viewed_count = post.viewed_count + 1
db.session.add(post)
form = CommentForm()
if not current_user.can(Permission.COMMENT):
flash(messages.comment_cannot_access)
else:
if form.validate_on_submit():
comment = Comment(author_id=current_user.id,
body=form.comment.data,
post=post,
agree_count=0,
disagree_count=0)
db.session.add(comment)
db.session.commit()
page = request.args.get('page', 1, type=int)
pagination = Comment.query.filter_by(post_id=post.id).order_by(
Comment.timestamp.desc()).paginate(
page,
per_page=current_app.config['COMMENTS_PER_PAGE'],
error_out=False)
comments = pagination.items
return render_template('post.html',
form=form,
post=post,
comments=comments,
pagination=pagination)
def delete_sure(id):
post = Post.query.get_or_404(id)
if current_user != post.author and \
not current_user.can(Permission.ADMINISTER):
abort(404)
db.session.delete(post)
return redirect(url_for('.index'))
def index():
form = PostForm()
if form.validate_on_submit() and \
current_user.can(Permission.WRITE_ARTICLES):
new_post = Post()
new_post.body = form.body.data
new_post.author = current_user._get_current_object()
db.session.add(new_post)
return redirect(url_for("main.index"))
show_followed = False
if current_user.is_authenticated():
show_followed = bool(request.cookies.get('show_followed', ''))
if show_followed:
query = current_user.followed_posts
else:
query = Post.query
page = request.args.get('page', 1, type=int)
pagination = query.order_by(Post.timestamp.desc()).paginate(
page,
per_page=current_app.config['FLASKY_POSTS_PER_PAGE'],
error_out=False)
posts = pagination.items
return render_template('index.html',
form=form,
posts=posts,
pagination=pagination,
showfollowed=show_followed)
def postdel(id):
post = Post.query.get_or_404(id)
if current_user != post.author and not current_user.can(Permission.ADMINISTER):
abort(403)
db.session.delete(post)
db.session.commit()
flash('The post has been deleted.')
return redirect( url_for('.index') )
def delete(id):
question = Question.query.get_or_404(id)
if current_user != question.author and not current_user.can(Permission.ADMINISTER):
abort(403)
q = Question.query.filter_by(id=id).first()
Potoca.query.filter_by(question_id=id).delete(synchronize_session=False)
db.session.delete(q)
return redirect(url_for('.index'))
def post_delete(id):
post = Post.query.get_or_404(id)
if current_user != post.author and \
not current_user.can(Permission.ADMINISTER):
about(403)
post.delete()
flash(u'文章已删除')
return redirect(url_for('.index'))
def delete(id):
post = Post.query.get_or_404(id)
if current_user != post.author and \
not current_user.can(Permission.ADMINISTER):
abort(403)
u = post.author
Post.delete(post)
return redirect(url_for('user.profile', username=u.username))
def delete_post(id):
post = Post.query.get_or_404(id)
if current_user !=post.author and not current_user.can(Permission.ADMINISTER):
abort(403)
db.session.delete(post)
db.session.commit()
flash('文章已被删除')
return redirect(url_for('.index'))
def delete(id):
post = Post.query.get_or_404(id)
if current_user == post.author or \
current_user.can(Permission.ADMINISTER):
db.session.delete(post)
db.session.commit()
flash(u'文章已删除!')
return redirect(url_for('.user', username=current_user.username))
return redirect(url_for('.post', id=post.id))
